Upgrade log4j to 2.17.0 per CVE-2021-45046 & CVE-2021-44228 & CVE-202…

…1-45105.
splunk · Dec 20, 2021 · 8b989e5 · 8b989e5
1 parent 22d8c30
commit 8b989e5
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Splunk Logging for Java Changelog
 
+## Version 1.6.2-0-2
+
+### Critical backport
+*  Upgrading to 2.17 per CVE-2021-45046 & CVE-2021-44228 & CVE-2021-45105.
+
 ## Version 1.6.2-0-1
 
 ### Critical backport

diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # Splunk Logging for Java
 
-#### Version 1.6.2
+#### Version 1.6.2-0-2
 
 This project provides utilities to easily log data using Splunk's recommended 
 best practices to any supported logger, using any of the three major Java 

diff --git a/pom.xml b/pom.xml
@@ -6,7 +6,7 @@
 
   <groupId>com.splunk.logging</groupId>
   <artifactId>splunk-library-javalogging</artifactId>
-  <version>1.6.2-0-1</version>
+  <version>1.6.2-0-2</version>
   <packaging>jar</packaging>
 
   <name>Splunk Logging for Java</name>
@@ -197,13 +197,13 @@
      <dependency>
        <groupId>org.apache.logging.log4j</groupId>
          <artifactId>log4j-api</artifactId>
-         <version>2.16.0</version>
+         <version>2.17.0</version>
      </dependency>
 
      <dependency>
        <groupId>org.apache.logging.log4j</groupId>
        <artifactId>log4j-core</artifactId>
-       <version>2.16.0</version>
+       <version>2.17.0</version>
      </dependency>
 
     <dependency>